I have a PHP project that allows users to submit an article / tutorial, and before I insert the data into my database I do:
$content1 = htmlspecialchars($userscontent);
$content = htmlentities($content1, ENT_QUOTES);
for safety purposes, and when I output the data from my database I decode it. Now I want that text to be structured and not just written on one line, and I also want to add the ability to add images to the articles, and I have no idea which is the best way to go about this.
Any help is appreciated.
Could you not just use the decode?
$result1 = html_entity_decode($result, ENT_QUOTES);
$result = htmlspecialchars_decode($result1);
Although, I would definitely recommend doing what @CD001 says and using the HtmlPurifier library.
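An added example, not part of the original question or answer, comparing the encode-then-decode round trip with the HTMLPurifier approach recommended above. It assumes HTMLPurifier is installed through Composer (`ezyang/htmlpurifier`); the sample submission, the tag allowlist and the variable names are constructed for illustration.

```php
<?php
// Added example. Assumes: composer require ezyang/htmlpurifier
require __DIR__ . '/vendor/autoload.php';

// Constructed sample submission: structure and an image the author wants to keep,
// plus markup that must never reach another reader's browser.
$submitted = <<<'HTML'
<h2>Step 1</h2>
<p>Install the package, then <strong>restart</strong> the service.</p>
<img src="https://example.com/diagram.png" alt="Diagram" onerror="alert(1)">
<script>alert(1)</script>
<a href="javascript:alert(1)">more</a>
HTML;

// 1) Encode on insert, decode on output (the approach from the question and answer).
//    Decoding exactly undoes the encoding, so the script element, the event handler
//    and the javascript: link are all back in the page that gets rendered.
$stored  = htmlentities(htmlspecialchars($submitted), ENT_QUOTES);
$decoded = htmlspecialchars_decode(html_entity_decode($stored, ENT_QUOTES));
echo $decoded === $submitted
    ? "Round trip restored the original markup unchanged\n"
    : "Round trip altered the markup\n";

// 2) Allowlist sanitizing with HTMLPurifier: only the listed elements and
//    attributes survive. The list below is an illustrative choice for articles.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Allowed',
    'h2,h3,p,br,strong,em,ul,ol,li,pre,code,a[href],img[src|alt]');
$config->set('URI.AllowedSchemes', ['http' => true, 'https' => true]);
$config->set('Cache.DefinitionImpl', null); // skip the on-disk definition cache here
$purifier = new HTMLPurifier($config);

// Purified body: safe to echo as HTML, headings, paragraphs and the image kept.
$clean = $purifier->purify($submitted);
echo $clean, PHP_EOL;

// 3) Fields that are plain text (for example a title) are not decoded at all;
//    they are escaped once, at output time.
$title = 'How to <install> & run';
echo '<h1>', htmlspecialchars($title, ENT_QUOTES, 'UTF-8'), '</h1>', PHP_EOL;
```

The database insert itself is protected separately with prepared statements; HTML encoding before storage does not replace that.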